[php-maint] Bug#702221: Bug#702221: php5: CVE-2013-1635 CVE-2013-1643
Ondřej Surý
ondrej at debian.org
Mon Mar 4 12:37:49 UTC 2013
Argh, thanks for poke.
Building for squeeze-security now.
$ diffstat php5_5.3.3-7+squeeze15.debdiff
debian/patches/CVE-2013-1635.patch | 48 +++++++++++++
debian/patches/CVE-2013-1643.patch | 135 +++++++++++++++++++++++++++++++++++++
php5-5.3.3/debian/changelog | 7 +
php5-5.3.3/debian/patches/series | 2
4 files changed, 192 insertions(+)
I will upload it directly to security-master if you agree.
O.
On Mon, Mar 4, 2013 at 10:36 AM, Moritz Muehlenhoff <jmm at inutil.org> wrote:
> Package: php5
> Severity: grave
> Tags: security
> Justification: user security hole
>
> Hi,
> two issues have been reported in php5. CVE-2013-1635 doesn't classify as a security
> issue per the Debian Security policy, but if the fix is non-intrusive we
> could include it nonetheless:
>
> CVE-2013-1643
> http://git.php.net/?p=php-src.git;a=commitdiff;h=c737b89473df9dba6742b8fc8fbf6d009bf05c36
>
> CVE-2013-1635
> http://git.php.net/?p=php-src.git;a=commitdiff;h=702b436ef470cc02f8e2cc21f2fadeee42103c74
>
> Cheers,
> Moritz
>
> _______________________________________________
> pkg-php-maint mailing list
> pkg-php-maint at lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-php-maint
--
Ondřej Surý <ondrej at sury.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: php5_5.3.3-7+squeeze15.debdiff
Type: application/octet-stream
Size: 6853 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-php-maint/attachments/20130304/764a4058/attachment.obj>
More information about the pkg-php-maint
mailing list